Godaddy SSL certificate on weblogic

Similar Messages

• Problem in installation of free SSL certificate on Weblogic using keytool

  We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
  Steps followed:-
  1) To generate keystore and private key and digital cerficate:-
  keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
  2) To generate CSR
  keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
  3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
  4) Same certificate is put into same keystore using following command
  keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
  5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
  (intermediateCa.cer file is downloaded from verisign site)
  keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
  6) After this configuration we used weblogic admin module to configure Keystore and SSL.
  7) For KeyStore tab in weblogic admin module, we have select option “Custom Identity And Custom Trust” provided following details under Identity and Trust columns:-
  Private key alias: mykey2
  PassKeyphrase: webconkeystorepassword
  Location of keystore: location of webconkeystore.jks file on server
  8) For SSL tab in weblogic admin module, we have select option “KeyStores” for “Identity and Trust locations”.
  Error on console:
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
  <Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
  If anyone knows the solution ,please help us out.Thanx in advance.
  I was really happy to get reply yesterday from "mv".I was not expecting such instant response.

  Thanx all guys for your interest and support.
  I have solved this issue.
  We have weblogic 9 on unix env.
  Following steps which I followed:
  #generate private key
  keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
  #generate csr
  keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
  Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
  We copied that text file in "ert4nov2009.crt" rt file used below.
  Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
  roo ca in "root4nov2009.cer" file.
  intermediate ca in "intermediateca4nov2009.cer"
  both these files used in
  #import root certificate
  keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
  #import intermediate ca certificate
  keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
  #install free ssl certifiate
  keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
  #after this admin configuration
  In weblogic admin console module, we did following settings:-
  1. under Configuration tab
  a. Under KeyStore tab
  For keystore , we selected "Custom identity and Custom Trust"
  Under Identity,
  Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
  Custom Identity Keystore Type: JKS
  Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
  Same we copied Under "Trust", as we have not created separate keystore for trust.
  Save setting.
  b. Under SSL tab
  Identity and Trust Locations: select "Keystores"
  Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
  Save setting.
  c. Under General tab
  Check checkbox "SSL Listen Port Enabled"
  and mention ssl port "SSL Listen Port"
  Save setting.
  After this activate changes.You might see error on admin module.
  Using command prompt, stop the server and again restart and then try to access using https and port ...
  you will definately get output...
  in our case issue might be due to key size..we used 1024 key size ..it solve problem.
  for your further reference plz find link below..it is also helpful.
  http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674

• GoDaddy SSL Certificates in WLS v 10.3.1.0

  I have no experience with SSL, and I am struggling to install an SSL certificate from GoDaddy.
  WebLogic Server was provided with third party software we purchased, and that vendor
  "cannot answer questions about third party software". GoDaddy could not provide instructions
  for WLS, and said we should select "Other".
  I was able to create a custom keystore, self-signed certificate, and CSR. That was sent to GoDaddy,
  and I received a certificate and a bundle (gd_bundle.crt) from them. I have been floundering since
  then. I also tried getting a Class 2 and intermediate certificate here:
  [https://certs.godaddy.com/anonymous/repository.seam]
  All I have been able to get working has been the self-signed certificate, which is okay for now, as
  the application is for use within our company.
  Any advice on getting the correct certificates into the correct identity store and trust store will be
  appreciated. I am willing to start from square one, if someone can provide step by step instructions
  that are likely to work.
  Thanks in advance!
  Rich

  Drop me a mail, I can help you offline
  [email protected]
  -Faisal
  http://weblogic-wonders.com

• Accepting runtime-specified SSL certificates in WebLogic 11g

  Hi all!
  In our application we need to call several Web Servervices based on URL's and trusted SSL certificates that are stored in database. Those certificates are self-signed but we cannot add them in the WebLogic truststore (we only want to accept them for those specific web service calls). This is 2-way SSL but our server refuses the remote certificate.
  What is the right way to do this?
  In WebLogic 10g we used to do the following:
      WlsSSLAdapter adapter = new WlsSSLAdapter();
      try {
          // setup for client certificate
          adapter.setKeystore(…);
          adapter.setClientCert(…);
          // setup for accepting the remote certificate
          adapter.setTrustManager(new TrustManager() {
              @Override
              public boolean certificateCallback(X509Certificate[] paramArrayOfX509Certificate, int paramInt) {
                  return paramArrayOfX509Certificate[0] == expectedCertificate;
      } catch (Exception e) {
          throw new RuntimeException(e);
      ((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(weblogic.wsee.jaxrpc.WLStub.SSL_ADAPTER, adapter);However in WebLogic 11g it appears that even if the <tt>TrustManager</tt> is called (which we checked by using a debugger), WebLogic refuses the certificate:
  <validationCallback: validateErr = 16>
  <  cert[0] = Serial number: 9232073310112809071929676484517784211
      Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
      Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
      Not Valid Before:Tue Nov 01 14:33:31 CET 2011
      Not Valid After:Sun Nov 02 14:33:31 CET 2031
      Signature Algorithm:MD5withRSA
      >
  <weblogic user specified trustmanager validation status 16>
  <Certificate chain received from mestoudi2 - 10.142.0.23 was not trusted causing SSL handshake failure.>
  <Validation error = 16>
  <Certificate chain is untrusted>
  <SSLTrustValidator returns: 16>
  <Trust status (16):  CERT_CHAIN_UNTRUSTED>
  <NEW ALERT with Severity: FATAL, Type: 42
      java.lang.Exception: New alert stack
        at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
        at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
        at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  …I think the first difference occurs on the line "+weblogic user specified trustmanager validation status 16+" where in WebLogic 10g the value was 0 instead of 16.
  If we check "Use JSSE SSL" in the WebLogic administration console (which switches the implementation to com.sun.net.ssl instead of com.certicom.tls), the <tt>TrustManager</tt> is not called at all.
  We also tried to configure the <tt>TrustManager</tt> by implementing a <tt>javax.net.ssl.X509TrustManager</tt> that we set on a <tt>weblogic.wsee.connection.transport.https.HttpsTransportInfo</tt> passed to the stub using
  ((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(TRANSPORT_INFO, transportInfo);But it is not called either – however it works for setting up a proxy for example. We are generating the stubs using the clientgen Ant task (<tt>weblogic.wsee.tools.anttasks.ClientGenTask</tt>).
  We are a little bit stuck, any idea of what we should do? Is the WebLogic 11g behavior a regression or is there something else we should configure to get back the old behavior?

  Hello,
  Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
  look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
  I suggest that you change the default configuration (not using the demo one),
  then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
  opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
  once your certificated is added to your trust store it should work.
  I hope it will help.

• Install GoDaddy SSL Certificate to Windows Server 2012 - Access Anywhere

  I would like to activate Access Anywhere on my windows server 2012 essentials. I went through the guided steps and purchased a SSL certificate from Godaddy. Godaddy doesn't offer support regarding the correct installation process of their certificates
  using iis 8 (server 2012 essentials). I noticed that Access Anywhere requires a PFX certificate and Godaddy only provided a PKCS #7 and a cer. file. Please let me know if Godaddy's certificates are compatible with windows server 2012 essentials. Without Access
  Anywhere functioning on my server, the usefulness of the server greatly decreases. Your assistance is greatly appreciated. Thanks. 

  All you need is the standard, lowest level, single domain, no email, no bells, no whistles, no UCC.  Just a simple SSL cert.  Even SBS standard which adds email to the RWA feature, only requires that, thanks to the magic of the dev. team.
  Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

• Godaddy SSL certificate installation problems - intermediate certificate not being recognized

  domain = mail.gottfried.org
  Installed both the certificate and the intermediate certificate from godaddy (used the 10.6 mac os x version)
  Response from:
  http://www.sslshopper.com/ssl-checker.html#hostname=mail.gottfried.org
  The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GoDaddy's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
  When I check in 0000_any_443_.conf
  I see:
  SSLCertificateFile "/etc/certificates/mail.gottfried.org.1E5F3C903B64E78E3241929B16F616D1DDD130FE. cert.pem
  SSLCertificateKeyFile "/etc/certificates/mail.gottfried.org.1E5F3C903B64E78E3241929B16F616D1DDD130FE. key.pem
  SSLCertificateChainFile "/etc/certificates/mail.gottfried.org.1E5F3C903B64E78E3241929B16F616D1DDD130FE. chain.pem
  I am assuming that the intermediate certificate should be:
  mail.gottfried.org.1E5F3C903B64E78E3241929B16F616D1DDD130FE.chain.pem
  When I look at that certicate it is the same as
  mail.gottfried.org.1E5F3C903B64E78E3241929B16F616D1DDD130FE.cert.pem
  When I check keychain and exported both the mail.gottfried.org certificate and also the starfield secure certification authority they match what was installed initially (what I downloaded from Godaddy).
  It looks like in the install process the intermediate certificate is not being linked to the ssl certificate and that the ssl certificate is being used for the chain.
  Anyone have any suggestions?
  I have talked to both Godaddy and Apple Enterprise support. Godaddy has nothing past 10.6 instruction wise (though the support person really tried to help). The Apple rep couldnt really help and if I really want help from them I need to talk to integration where costs start at $700....
  Anyone have an SSL provider that worked properly with 10.8  or has really good support for mountain lion server?
  Please let me know.
  Thanks!

  While you still can, get a refund for the certificate, and get a certificate from somebody else, and preferably one that doesn't need an intermediate?  That'll be the easiest.
  If you're not doing ecommerce or otherwise dealing with web browsers and remote clients that you don't have some control over or affiliation with, you can use a private certificate and get equivalent (or arguably better) security.  Running your own certificate authority does mean you'll learn more about certificates, though.
  Here and here are general descriptions of getting certificates and intermediate certificates loaded, and some troubleshooting here and particularly here (TN2232).  I have found exiting Keychain Access to be a necessary step on various versions.  It shouldn't be, but...
  FWIW and depending on your particular DNS setup and whether you're serving multiple web sites, you'll need a multiple-domain certificate.
  Full disclosure: I've chased a few of these cases around for customers, and it can take an hour or three to sort out what the particular vendor of math, err, certificates has implemented, to confirm the particular certificate formats and possibly convert the certificates where necessary, and to generally to sort out the various posted directions and confusions.  (I'm not particularly fond of any of the major math, err, certificate vendors, either.)

• Problems using 4096 bit SSL certificate with WebLogic Apache 2.2 plug-in

  Hi,
  'm using WebLogic 9.2 MP3 and Apache HTTP Server (version 2.2) Plug-In. For security reasons, I have SSL installed on both Apache and WebLogic. So Apache must communicate with WebLogic via https.
  I get the following error when attempting to access WebLogic via Apache:
  Internet Explorer cannot display the webpage
  These are the last lines in wlproxy log:
  Fri Feb 26 14:08:59 2010 <71212672221392> INFO: SSL is configured
  Fri Feb 26 14:08:59 2010 <71212672221392> SSL Main Context not set. Calling InitSSL
  Fri Feb 26 14:08:59 2010 <71212672221331> INFO: Initializing SSL library
  I've found that the problem is caused by using a 4096 bit intermediate cert. When I include this 4096 bit cert in the file referenced by plugin parameter "TrustedCAFile", it is unable to load it. I've tested 4096 bit certs from a few different certificate authorities, and consistently see this problem, so I know the problem is not related to the specific certificate. If I use a 2048 bit intermediate certificate, everything works perfectly fine.
  Do you know if there are limitations to the certificate length that the plug-in can use?

  Yes 4096 bit Certificates are not supported by the plugin.
  You can use up to 2048 bit.
  There is a Bug which clearly mentions it.
  I dont remember the Bug Number, but an Oracle Support person will be able to tell you.
  Hope this helps.
  Faisal Khan
  Edited by: Faisal Khan on Feb 27, 2010 2:08 PM

• How to configure SSL certificates on weblogic 10.3.5?

  Hi everybody,
  i' ve got 2 certificates: Server and Intermediate CA. I used java keytool command to import these two certificates into new keystore:
  keytool -import -v -alias server_cert -file certificate.pem -keystore keystore.jks
  keytool -import -v -alias intermediate_ca -file intermediate.pem -keystore keystore.jks
  Then as weblogic 10.3.5 documentation says i need to use ImportPrivateKey utility in order to import private key into keystore, so i use this command:
  java utils.ImportPrivateKey -keystore private.jks -storepass password -keyfile mykey -keyfilepass password -keyfile private.pem -alias private
  and get the following error:
  Exception in thread "main" java.lang.NoClassDefFoundError: utils.ImportPrivateKey
  at gnu.java.lang.MainThread.run(libgcj.so.7rh)
  Caused by: java.lang.ClassNotFoundException: utils.ImportPrivateKey not found in gnu.gcj.runtime.SystemClassLoader{urls=[file:./], parent=gnu.gcj.runtime.ExtensionClassLoader{urls=[], parent=null}}
  at java.net.URLClassLoader.findClass(libgcj.so.7rh)
  at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
  at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
  at gnu.java.lang.MainThread.run(libgcj.so.7rh)
  Any ideas? Thanks.
  Regards,
  Karolis M.

  Hello,
  Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
  look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
  I suggest that you change the default configuration (not using the demo one),
  then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
  opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
  once your certificated is added to your trust store it should work.
  I hope it will help.

• Anyone use godaddy ssl certs?

  I have been looking into changing ssl certificates, currently we use thawte. I have had some trouble with the godaddy ssl certificates but I think it is probably that it is just slightly different then what I was used to. My question is is anyone else out their using godaddy for your ssl certificates and have you had any issues or do you have any concerns with using them?

  Yes, I havnt seen any issues with it.
  If u need any help installing it in ur keystore let me knw.
  -Faisal
  http://weblogic-wonders.com

• ICal server won't work with SSL certificate

  I'm running Leopard Server 10.5.7, and have a GoDaddy SSL certificate installed on the server, which is working fine in Apache, but not for iCal server.
  In the Security Certificates section of Server Admin, the certificate shows up properly with the correct hostname, with the correct authority (i.e. not self-signed). I can use the certificate for one of my SSL websites, and it works fine, no browser errors, all works great.
  However, if I use Server Admin to enable SSL for iCal server and then select my GoDaddy certificate from the "Certificate" dropdown, the dropdown immediately changes to "Custom Configuration." So I save changes and stop/start the iCal service.
  Then I took my iCal clients (which were all working fine without SSL), and in 'Server Settings,' I changed the server address to https (instead of http), and port 8443 (instead of port 8008). But then when I refresh the calendars, iCal throws an error saying:
  "Unexpected secure name resolution error (code -9844). The server name may be incorrect."
  When I set everything back to the way it was before I started, all works fine.
  Anyone have any suggestions?

  Your problem seems similar to this thread:
  http://discussions.apple.com/thread.jspa?threadID=1992033&tstart=0
  There is some contradictory anecdotal information there, however. Tis reply in another thread:
  http://discussions.apple.com/message.jspa?messageID=6288712#6288712
  may hold some answers to your problem. There are two very enlightening articles on AFP548.com regarding certificate issues:
  http://www.afp548.com/article.php?story=20080624005724638
  http://www.afp548.com/article.php?story=20071203011158936
  That might also be of assistance. Then there's this little tidbit:
  http://www.networkjack.info/blog/2007/11/30/ssl-cert-with-subject-alternate-name /
  These may-or-may-not solve theproblem but may provide insight as to why it's happening.

• Inccorect Encrypted block when inserting SSL certificate

  Generated new SSL certificate for Weblogic Serer 6.1, inserted Server certificate, the Root Certificate Authority (Chain File), the Private key file but is getting the following error - can anyone assist?
  weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.java:291)...

  This might be caused by an invalid/not specified private key password.
  Pavel.
  bibi <[email protected]> wrote:
  Generated new SSL certificate for Weblogic Serer 6.1, inserted Server
  certificate, the Root Certificate Authority (Chain File), the Private
  key file but is getting the following error - can anyone assist?
  weblogic.security.AuthenticationException: Incorrect encrypted block
  possibly incorrect SSLServerCertificateChainFileName set for this server
  certificate at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.java:291)...

• DSEE7 - DPS and CA-signed SSL certificates

  I recently deployed two new DSEE7 DPS servers and last night was attempting to install CA-signed (GoDaddy) SSL certificates on them. I used dpadm to generate the required 2048-bit CSR and received my certificates. I added them to the servers using the DSCC interface and after adding them and restarting the instance the certs were not showing up. I thought perhaps the operation had failed so I tried again and saw that the alias already existed. I then noticed that the certificate was listed under the CA certificates. I deleted it from there and imported the cert using dpadm add-cert, only to have the same thing happen again.
  dpadm add-cert /usr/local/dps/instance/ dps03.prod.domain.com /tmp/dps03.prod.domain.com.crt
  # dpadm list-certs /usr/local/dps/instance
  0 certificate found.
  # dpadm list-certs -C /usr/local/dps/instance | grep dps03
  dps03.prod.domain.com     2010/01/19 11:08 2013/01/19 11:08 n         SERIALNUMBER=xxxxxxxx, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US      CN=dps03.prod.domain.com, OU=Domain Control Validated, O=dps03.prod.domain.comI have installed SSL certificates from GoDaddy on all my other production DS and DSEE systems (6.3.1) without issue, including their intermediate and root certificates to complete the trust chain.
  Does anyone have any insight into what the issue might be and how to correct it?

  Hi,
  Have you used the same alias in both case ? . i.e
  dpadm request-cert [options] /usr/local/dps/instance dps03.prod.domain.com
  then
  dpadm add-cert /usr/local/dps/instance/ dps03.prod.domain.com /tmp/dps03.prod.domain.com.crt

• Installing SSL Certificate(s) on IOS

  Having an issue with an SSL certificate (DigiCert) on a Cisco 2811 running IOS 124-24.T4.
  I can get the certificate(s), intermediate and server certs installed fine unsing the one trustpoint created. And the ssl website works fine for IE browsers, but other browser types get errors. When I do an SSL cert check it shows that the "The server is not sending the requied intermediate certificate" (see attachment). I feel like I have followed what documentaiton is available correctly. Any suggestions is greatly appreciated.
  This is the best directions I could find to follow. They are specifically for go-daddy certs but I think it would be the same process for any.
  http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx
  Thanks,
  BR

  Hi ,
  If you have multiple CA certs, you need to authenticate the trustpoint containing the identity certs using the immediate intermediate cert and then use other trustpoints to import the  other CA certs one by one.
  So basically,we need to follow the following configuration to import the 3 CA certificate and the Identity certificate on the router:
  1.  Create root trustpoint
  >>
  >> Crypto ca trustpoint root
  >> Enrollment terminal
  >>
  >> chain-validation stop
  >>
  >> revocation-check none
  >>
  >> Crypto ca authenticate root
  >> (this will prompt to paste in the PEM/base64 of the Root CA certificate)
  >> Quit after you paste the Root CA certificate.
  >>
  >>
  >> 2.  Create intermediate trustpoint for the primary intermediate certificate
  >>
  >> crypto ca trustpoint intermediate-primary
  >> enrollment terminal
  >>
  >> chain-validation continue root
  >>
  >> revocation-check none
  >>
  >> crypto ca authenticate intermediate-primary
  >> (this will prompt to paste in the PEM/base64 of the Primary Intermediate CA certificate)
  >> Quit after you paste the intermediate primary certificate.
  >>
  >>
  >> 3.  Create intermediate trustpoint for the secondary intermediate certificate
  >>
  >> crypto ca trustpoint intermediate-secondary
  >> enrollment terminal
  >> keypair
  >> chain-validation continue intermediate-primary
  >>
  >> crypto ca authenticate intermediate-secondary
  >> (this will prompt to paste in the PEM/base64 of the Secondary Intermediate CA certificate)
  >> Quit after you paste the intermediate secondary certificate.
  >>
  >> 4.  Import the IDentity certificate
  >>
  >> crypto ca import intermediate-secondary certificate
  >> (paste the ID certificate PEM/base64 here)

• How do I install a CSR & SSL Certificate in Adobe Muse while hosting the website with GoDaddy, not Business Catalyst?

  I have designed a website and I want to host it with GoDaddy. I also want to install a SSL Certificate so I can get the HTTPS://mydomain.com instead of the HTTPS://mydomain.worldsecuresystems.com that I get with BC. Is there a way to install the SSL Certificate in Adobe Muse so that I can do this?

  This is something you'd have to do on Go Daddy, its not something that would be done in Muse.
  Go Daddy's page on their SSL service is: SSL Certificates | Secure Your Data & Transactions - GoDaddy

• Can I reference 2 different SSL certificates in the same weblogic.properties

  Hello,
  Can I reference 2 different SSL certificates in the same
  weblogic.properties
  file?
  Reason is we have 2 groups of users for a web application: one will use
  a
  French-language DNS to access
  the application, and the other will use English DNS. Both DNS will point
  to
  the same application on the same
  server.
  Example of what we require:
  weblogic.security.certificate.server=mycert1.pem
  weblogic.security.key.server=mykey1.der
  weblogic.security.certificate.authority=rootCertificate1.pem
  ----and---
  weblogic.security.certificate.server=mycert2.der
  weblogic.security.key.server=mykey2.der
  weblogic.security.certificate.authority=rootCertificate2.pem
  mycert1 will correspond to DNS1, and mcert2 will correspond to DNS2, and
  both
  DNS1 and DNS2 point to the same application on the same box.
  Thanks,
  Ragu

  I think that you can only have one server certificate per server currently
  since the certificate establishes the server's identity and there isn't
  support for a server to have two identities at the same time.
  "RAGUTAM BOMMAREDDY" <[email protected]> wrote in message
  news:[email protected]..
  Hello,
  Can I reference 2 different SSL certificates in the same
  weblogic.properties
  file?
  Reason is we have 2 groups of users for a web application: one will use
  a
  French-language DNS to access
  the application, and the other will use English DNS. Both DNS will point
  to
  the same application on the same
  server.
  Example of what we require:
  weblogic.security.certificate.server=mycert1.pem
  weblogic.security.key.server=mykey1.der
  weblogic.security.certificate.authority=rootCertificate1.pem
  ----and---
  weblogic.security.certificate.server=mycert2.der
  weblogic.security.key.server=mykey2.der
  weblogic.security.certificate.authority=rootCertificate2.pem
  mycert1 will correspond to DNS1, and mcert2 will correspond to DNS2, and
  both
  DNS1 and DNS2 point to the same application on the same box.
  Thanks,
  Ragu